downloader – ESET Ireland

Registers as “Default Print Monitor”, but is a malicious downloader. Meet DePriMon

November 21, 2019

ESET researchers have discovered a new downloader with a novel, not previously seen in the wild installation technique. DePriMon is a malicious downloader, with several stages and using many non-traditional techniques. To achieve persistence, the malware registers a new local port monitor – a trick falling under the “Port Monitors” technique in the MITRE ATT&CK knowledgebase. … More Registers as “Default Print Monitor”, but is a malicious downloader. Meet DePriMon

ESET helps law enforcement worldwide to disrupt Gamarue botnet

December 5, 2017

Law enforcement authorities across the globe disrupted many long-running botnets powered by a malware family dubbed as Gamarue, mostly detected by ESET as Win32/TrojanDownloader.Wauchos and also known as Andromeda, capping a year-plus concerted effort that relied on technical intelligence from Microsoft and ESET researchers. ESET, having been approached by Microsoft to join the disruption effort, provided a technical analysis … More ESET helps law enforcement worldwide to disrupt Gamarue botnet

Sathurbot: Distributed WordPress password attack

April 6, 2017

This article sheds light on the current ecosystem of the Sathurbot backdoor trojan, in particular exposing its use of torrents as a delivery medium and its distributed brute-forcing of weak WordPress administrator accounts. The torrent leecher Looking to download a movie or software without paying for it? There might be associated risks. It just might … More Sathurbot: Distributed WordPress password attack

If you download Minecraft mods from Google Play, read on …

March 24, 2017

Minecraft players have been exposed to scams and aggressive ads brought by 87 fake Minecraft mods recently spotted on Google Play. The apps can be divided into two categories – the ad-displaying downloader detected by ESET as Android/TrojanDownloader.Agent.JL and fake apps redirecting users to scam websites, detected as Android/FakeApp.FG. Altogether, the 87 fake mods reached … More If you download Minecraft mods from Google Play, read on …

New Android trojan mimics user clicks to download dangerous malware

February 14, 2017

Android users have been exposed to a new malicious app imitating Adobe Flash Player that serves as a potential entrance for many types of dangerous malware. The application, detected by ESET security software as Android/TrojanDownloader.Agent.JI, tricks its victims into granting it special permissions in the Android accessibility menu and uses these to download and execute … More New Android trojan mimics user clicks to download dangerous malware

ESET Ireland

ESET Ireland Official Blog

Tag: downloader